4TT4CK3R Identifies Flaw in University of Tehran Website
Vulnerability researcher 4TT4CK3R discovered on 23 August a cross-ste scripting vulnerability on website of University of Tehran. He has informed UT of the vulnerability. Although the risk of any damage is small, we should be pleased that our country Iran…
Iranian Hackers Charged By USA For Cracking/Selling Software
The USA Department of Justice –DoJ– announced indictments against two Iranians for hacking a software company –ArrowTech– in Vermont. The FBI’s Albany Cyber Squad investigated the case. Mohammed Reza Rezakhah and Mohammed Saeed Ajily were charged with five counts as follows:…
Iranian IHU EWCD Malware Domains
ICNA have already posted about the links between malware here, and the Iranian State. We have done some further research. In early March 2017 the Kaspersky report identified several domains associated with malware, including: eservic.com actdire.com securityupdated.com and chromup.com Further…
Who are the Iran Malware Team?
ICNA have found a mysterious Iranian hacking team called the “Iran Malware Team”. We have not heard of them before and would like to know more. They have a website at iranmalware.team and their site shows they appear to be…
Iranians Behind StoneDrill and NewsBeef Malware
Using simple techniques available to any security vendors looking at VirusTotal data, ICNA has found and clearly identified that the hacker xman_1365_x as being behind the StoneDrill and NewsBeef malware. Mahdi Honarvar xman_1365_x is self-identified on forums as Mahdi Honarvar…
IEDB Holds Gatherings Nationwide
In recent weeks and months users and friends of the hardworking IEDB team which has very active forum and Telegram group have suffered by the absence of the director of this team, Mr. Amir Moosavi, and they have missed him…
4tt4ck3r Finds Flaw in UK Government Websites
Iranian hacker 4tt4ck3r has previously found Reflected XSS -Cross Site Scripting- vulnerabilities in government websites of the UK as follows : Parliament of the United Kingdom The vulnerable website address is : https://www.parliament.uk/search/results/ The URL of website changed to this type : https://www.parliament.uk/search/results/?q=HellO…
4tt4ck3r Discovers XSS Vulnerability for London University
After some time we are pleased to see return 4tt4ck3r, who has had many successes with XSS vulnerabilities in the past and if God helps hopefully also in the future. The latest vulnerability discovered by 4tt4ck3r is on the website…
ZeroSec Discover Open Redirect Vulnerability in Amazon Simple Storage Service (S3)
ZeroSec (https://t.me/ZeroSecOfficial) hacker Ghostman discovered an open redirect vulnerability in Amazon Simple Storage Service (S3). The vulnerability, which lies in scoping Amazon subdomain s3.amazonaws.com into the main aws.amazon.com/s3, allows the attacker to draw the victim onto a different landing page…
Manoto Defaced by Cluwix
We can see in the picture that website of Manoto TV show “Stage” was hacked by Black Hat Hacker Cluwix. Manoto is a Persian TV station that broadcasts illegally in Iran from overseas. Stage is a competition show for choosing…